Monthly Archives: September 2011

Google's Picasa and Yahoo! Groups used to spread spam


Spammers are turning to Google and Yahoo! to help them spread their wares. Shouldn't Google and Yahoo! follow industry best practices of confirming your interest before sending you email?

Windows 8 anti-virus has a long way to go


When testing the included unmanaged anti-virus in Windows 8 I ran across an odd quirk. It doesn't detect EICAR properly. I present my results and what to expect in this article.

Microsoft's botnet shutdown won't stop Mac malware


After Microsoft's shutdown of the Kelihos botnet on Monday some suggested it would slow down Mac malware purveyors. While the shutdown of the botnet and the domain will help, it's only temporary.

Don't fight cybercrime on your own - do it with Synergy!


Next week, I'll be talking at the Identity and Hi-Tech Crime Symposium 2011 in Gold Coast, Queensland, Australia.

There's still time for last-minute registrations at the event, so if you're in the region, why not join me there?

GrrCON: Visualizing data to make sense of security


The quantity of data confronting us often makes it difficult to analyze and determine what's important. I recently saw a presentation using an Arduino to display real time network traffic that helped make sense of the chaos.

Amazon Kindle Fire's Silk browser sounds privacy alarm bells


Amazon announced their new Kindle Fire tablet today, including a new accelerated web browser Silk. Can making the web faster threaten our privacy?

Names and addresses of 25,000 police officers published by Anonymous cell

Names and addresses of 25,000 police officers published by Anonymous cell

Police officers are once again finding their names, dates of birth and home addresses have been published on the web.

Meanwhile, over half a million customers of a health insurance company have their personal data put at risk.

Not the real Firefox 7 website - be wary of Google's search results

Not the real Firefox 7 website - be wary of Google's search results

If you're keen to download Firefox 7, please make sure that you download it from the correct website.

Good advice as someone steals second place for "Firefox 7" in Google's search results.

Firefox 7 security fixes, http vs https and data collection

Firefox 7

Mozilla has released Firefox 7, the latest incarnation of their popular web browser.

Recently Firefox has been getting through new version numbers faster than a fat man chasing a ice cream van.

Flashback Mac Trojan poses as Adobe Flash update, opens backdoor

Flashback Mac Trojan poses as Adobe Flash update, opens backdoor

Mac users are once again being reminded to keep their anti-virus software up-to-date, following the discovery of a Trojan horse that poses as an update to Adobe Flash.

SSL authenticity evolution


After attending the annual GrrCON in Grand Rapids, Michigan I thought I would share my thoughts on the keynote address delivered by Moxie Marlinspike. Moxie detailed the problems with the existing certificate authority system and proposed his ideas for a solution.

100 texts a day limit? India tries to combat mobile phone spam

India tries to combat SMS text spam

New spam regulations, introduced in India, limit the users of mobile phones to sending only 100 texts per day.

The reason? To stop the growing problem of SMS text spam.

Facebook cookie complaints get the wrong end of the stick


The news wires are awash with stories about Facebook, cookies and privacy.

But is Facebook really doing anything which lots of other sites aren't? Or is the story just something of a security red herring?

'Pepper spray' officer named by Occupy Wall Street activists


Should a New York policeman's name, address and family details be published on the internet by activists - because he is alleged to have pepper-sprayed Wall Street protestors? hacked for second time in a year hacked (again)

The website has been struck by cybercriminals, who hacked their way in to serve up malicious code to visiting computers.

Simply visiting the home page of the website, initiated a Java exploit that downloaded and executed malicious code on visiting Windows computers.

USA Today's Twitter account falls foul of hackers


USA Today is the latest high profile Twitter account to have fallen victim to a group of hackers.

A group calling themselves the Script Kiddies have claimed responsibility for the hack, which involved posting a series of messages to the official USA Today Twitter account.

Amstrad's retro E-m@iler, email privacy and data loss

Amstrad's retro E-m@iler, email privacy and data loss

The purchase of a second-hand oddball phone/internet hybrid, the Amstrad E-m@iler, uncovers emails that probably should have remained private to the original owner.

Facebook's ticker privacy scare, and what you should do about it

Facebook's ticker privacy scare

Facebook users are scaring each other over the new ticker, worried that privacy has been compromised.

Testing shows that privacy settings are working the same as they did before, but you should still take care to ensure you aren't helping strangers eavesdrop on online conversations.

Facebook price grid? $9.99 for gold membership? The charging hoax continues to spread

Facebook price grid? $9.99 for gold membership? The charging hoax continues to spread

Duped Facebook users are sharing a message with their online friends, believing it will help them avoid charges of between $3.99 and $9.99 per month.

Of course, the chain letter is completely bogus - and should not be forwarded.

Secure web browsing cracked by BEAST


A pair of researchers have unveiled a serious new attack on web browser security.

The ability to crack encrypted web traffic removes the safety net that protects you when you're doing sensitive online tasks like banking or using credit cards.